package weaver.weaversso;

import com.engine.integration.biz.NoOpEntityResolver;
import java.io.File;
import java.io.IOException;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jdom.Document;
import org.jdom.Element;
import org.jdom.JDOMException;
import org.jdom.input.SAXBuilder;
import weaver.conn.RecordSet;
import weaver.file.Prop;
import weaver.general.AES;
import weaver.general.GCONST;
import weaver.general.Util;
import weaver.hrm.User;
import weaver.integration.logging.Logger;
import weaver.integration.logging.LoggerFactory;
import weaver.security.util.SecurityMethodUtil;

public class GetToken extends HttpServlet {
    private Logger logger = LoggerFactory.getLogger(this.getClass());

    public GetToken() {
    }

    public void init() throws ServletException {
        super.init();
        Properties var1 = Prop.loadTemplateProp("WeaverLoginClient");
        RecordSet var2 = new RecordSet();
        boolean var3 = false;
        if (var1 != null) {
            Set var4 = var1.keySet();
            Iterator var5 = var4.iterator();

            while(var5.hasNext()) {
                Object var6 = var5.next();
                String var7 = var6.toString();
                String var8 = var1.getProperty(var7);
                var2.executeQuery("SELECT 1 FROM weaver_sso_app WHERE appid=?", new Object[]{var7});
                if (!var2.next()) {
                    var3 = true;
                    var2.executeUpdate("INSERT INTO weaver_sso_app\n        ( isuse ,\n          appid ,\n          appname ,\n          allow_ip ,\n          account_rules ,\n          definebroswerType ,\n          auth_type_ ,\n          app_secret_\n        )\nVALUES  ( '1' , \n          ? , \n          ? , \n          ? , \n          '1' , \n          '' , \n          'TOKEN' , \n          'yjcust'  \n        )", new Object[]{var7, var7, var8});
                }
            }
        }

        if (var3 && this.hasTokenServlet()) {
            var2.executeQuery("SELECT 1 FROM weaver_sso", new Object[0]);
            if (var2.next()) {
                var2.executeUpdate("UPDATE weaver_sso SET token_isuse='1'", new Object[0]);
            } else {
                var2.execute("delete from weaver_sso");
                var2.executeUpdate("insert into weaver_sso (isuse,token_isuse) values (?,?)", new Object[]{"0", "1"});
            }
        }

    }

    public void doPost(HttpServletRequest var1, HttpServletResponse var2) throws ServletException {
        try {
            String var3 = var1.getParameter("clientid");
            String var4 = var1.getParameter("appid");
            if (var3 != null) {
                var4 = var3;
            }

            String var5 = Util.null2String(var1.getParameter("loginid"));

            //2020/10/23 10:16 lth    单点登录支持
            String workcode=Util.null2String(var1.getParameter("workcode"));
            if(!workcode.equals("")){
                RecordSet rst= new RecordSet();
                rst.execute("select * from hrmresource where workcode ='"+workcode+"'");
                if(rst.first());
                var5= rst.getString("loginid");
            }



            String var6 = Util.null2String(var1.getParameter("type"));
            String var7 = "yjcust";
            String var8 = "1";
            String var9 = "";
            String var10 = Util.getIpAddr(var1);
            if ("ecology".equals(var6)) {
                User var11 = (User)var1.getSession(true).getAttribute("weaver_user@bean");
                if (var11 == null) {
                    this.logger.error("===========user is not logined, gettoken error!!!");
                    return;
                }

                var5 = var11.getLoginid();
                var4 = "ecology";
            } else {
                RecordSet var19 = new RecordSet();
                var19.executeQuery("select * from weaver_sso where token_isuse='1'", new Object[0]);
                if (!var19.next()) {
                    var2.getWriter().write("appid:" + var4 + " has not permission to use!!!");
                    return;
                }

                var19.executeQuery("SELECT * FROM weaver_sso_app WHERE appid=? AND isuse='1' AND auth_type_='TOKEN'", new Object[]{var4});
                if (!var19.next()) {
                    var2.getWriter().write("appid:" + var4 + " has not permission to use!!!");
                    return;
                }

                var9 = var19.getString("allow_ip");
                String[] var12 = Util.TokenizerString2(var9, ",");
                if (var12 != null && var12.length > 0) {
                    boolean var13 = false;
                    String[] var14 = var12;
                    int var15 = var12.length;
                    int var16 = 0;

                    while(true) {
                        if (var16 < var15) {
                            String var17 = var14[var16];
                            if (!var17.equalsIgnoreCase(var10)) {
                                ++var16;
                                continue;
                            }

                            var13 = true;
                        }

                        if (!var13) {
                            this.logger.error("===========request ip is not allowed!!!");
                            this.logger.error("===========request ip:" + var10);
                            var2.getWriter().write("IP is not allowed; IP is :" + var10);
                            return;
                        }
                        break;
                    }
                }
            }

            VerifyWeaverSSO var20 = new VerifyWeaverSSO();
            String var21 = var20.getRealLoginid(var4, var5, var10, "TOKEN");
            if (var21 == null || "".equals(var21)) {
                var2.getWriter().write(" has no account: " + var5 + "!!!");
                return;
            }

            String var22 = (new Date()).getTime() + "";
            String var23 = AES.encrypt(var21 + "|" + var22 + "|" + var4, var7);
            RecordSet var24 = new RecordSet();
            var24.executeQuery("select * from hrmresource where loginid=? ", new Object[]{var21});
            if (var24.next()) {
                var24.execute("select max(id ) maxid from sso_login_oa ");
                var24.next();
                String var25 = var24.getString("maxid");
                if ("".equals(var25)) {
                    var25 = "1";
                } else {
                    var25 = Integer.valueOf(var25) + 1 + "";
                }

                var24.executeUpdate("insert into sso_login_oa values(?,?,?,'0',?,?,'','','' )", new Object[]{var25, var4, var21, var22, var23});
                var2.getWriter().write(var23);
            } else {
                var2.getWriter().write(" has no account: " + var21 + "!!!");
            }
        } catch (Exception var18) {
            var18.printStackTrace();
        }

    }

    public void doGet(HttpServletRequest var1, HttpServletResponse var2) throws ServletException {
        try {
            this.doPost(var1, var2);
        } catch (Exception var4) {
            var4.printStackTrace();
        }

    }

    public boolean hasTokenServlet() {
        boolean var1 = false;
        String var2 = GCONST.getRootPath() + File.separatorChar + "WEB-INF" + File.separatorChar + "web.xml";
        File var3 = new File(var2);
        SAXBuilder var4 = new SAXBuilder(false);
        SecurityMethodUtil.setSaxBuilderFeature(var4);
        var4.setEntityResolver(new NoOpEntityResolver());
        Document var5 = null;
        boolean var6 = false;

        try {
            var5 = var4.build(var3);
            Element var7 = var5.getRootElement();
            List var8 = var7.getChildren("servlet");

            for(int var9 = 0; var9 < var8.size(); ++var9) {
                Element var10 = (Element)var8.get(var9);
                String var11 = var10.getChildText("servlet-class");
                if (var11.indexOf("weaver.weaver.weaversso.GetToken") == 0) {
                    var6 = true;
                    break;
                }
            }
        } catch (JDOMException var12) {
            var12.printStackTrace();
        } catch (IOException var13) {
            var13.printStackTrace();
        }

        return var6;
    }
}
